Common Contracts

Smart Card based Secure Authentication and Key Agreement Protocol

November 3rd, 2010

• Filed
  November 3rd, 2010

remote user authentication scheme which is an improvement on Hwang-Lee-Tang’s scheme. However, we found that Yoon- Ryu-Yoo’s scheme easily reveals a user’s password and is vulnerable to impersonation attack using stolen smart card. This scheme is also found to be vulnerable to parallel session attack and man-in-the-middle attack. This paper proposes a new remote user authentication scheme that resolves the aforementioned problems, while keeping the merits of Yoon- Ryu-Yoo’s scheme.